Tdd Workflow

Security checks across malware telemetry and agentic risk

Overview

This is a coherent TDD guidance skill; its file-editing and shell-tool access fit the purpose but can change a project if allowed.

This skill appears safe as a TDD workflow aid. Before installing or invoking it, be aware that it is designed for software projects and may guide the agent to edit files, run test commands, and make commits; use a branch and review changes before accepting them.

VirusTotal

VirusTotal findings are pending for this skill version.

Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation (Low)

What this means

If invoked in a repository, the agent may write tests, edit implementation files, run commands, and potentially create commits as part of the workflow.

Why it was flagged

These tools allow the agent to inspect files, modify code, and run shell commands; that is expected for test-driven development but can still alter the user's project.

Skill content

allowed-tools: Read, Write, Edit, Glob, Grep, Bash

Recommendation

Use it on a clean branch or with version control, and ask the agent to request confirmation before running shell commands or committing changes.